TY - CHAP
T1 - An efficient privacy-preserving comparison protocol
AU - Saha, Tushar Kanti
AU - Koshiba, Takeshi
N1 - Funding Information:
This work is supported in part by JSPS Grant-in-Aids for Scientific Research (A) JP16H01705 and for Scientific Research (B) JP17H01695.
Publisher Copyright:
© Springer International Publishing AG 2018.
PY - 2018
Y1 - 2018
N2 - We address an efficient privacy-preserving comparison protocol using somewhat homomorphic encryption based on ring learning with errors (ring-LWE) problem in the semi-honest model. Here we take two l-bit integers a and b as input and produce the output indicating a< b or a≥ b. To accomplish this task, Damgård, Geisler, and Krøigård (DGK) [Int. J. of Appl. Cryptol., 1(1), 2008] proposed an efficient protocol using an additively homomorphic encryption scheme in the semi-honest model. Thereafter many attempts were made to improve the performance for the privacy-preserving integer comparison but the improvement is not remarkable. Until now, the DGK protocol is believed to be one of the efficient comparison protocols using homomorphic encryption. The DGK protocol executes an integer comparison within 969 ms (resp., 1977 ms) for 16-bit (resp., 32-bit) integers under the 112-bit security level (by using the 2048-bit RSA). In this paper, we propose a more efficient comparison protocol than the DGK protocol. For the efficiency, we propose two new packing methods to make the comparison computation faster for some packed ciphertexts. The first packing method helps the multiple Hamming distance computation and the second packing method helps to compute the bit differences of two l-bit integers. Finally, our experiments at the 140-bit security level show that our method is about 147 times faster for 16-bit integers comparison and 146 times faster for 32-bit integers comparison than that of the DGK protocol.
AB - We address an efficient privacy-preserving comparison protocol using somewhat homomorphic encryption based on ring learning with errors (ring-LWE) problem in the semi-honest model. Here we take two l-bit integers a and b as input and produce the output indicating a< b or a≥ b. To accomplish this task, Damgård, Geisler, and Krøigård (DGK) [Int. J. of Appl. Cryptol., 1(1), 2008] proposed an efficient protocol using an additively homomorphic encryption scheme in the semi-honest model. Thereafter many attempts were made to improve the performance for the privacy-preserving integer comparison but the improvement is not remarkable. Until now, the DGK protocol is believed to be one of the efficient comparison protocols using homomorphic encryption. The DGK protocol executes an integer comparison within 969 ms (resp., 1977 ms) for 16-bit (resp., 32-bit) integers under the 112-bit security level (by using the 2048-bit RSA). In this paper, we propose a more efficient comparison protocol than the DGK protocol. For the efficiency, we propose two new packing methods to make the comparison computation faster for some packed ciphertexts. The first packing method helps the multiple Hamming distance computation and the second packing method helps to compute the bit differences of two l-bit integers. Finally, our experiments at the 140-bit security level show that our method is about 147 times faster for 16-bit integers comparison and 146 times faster for 32-bit integers comparison than that of the DGK protocol.
UR - http://www.scopus.com/inward/record.url?scp=85051106685&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85051106685&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-65521-5_48
DO - 10.1007/978-3-319-65521-5_48
M3 - Chapter
AN - SCOPUS:85051106685
T3 - Lecture Notes on Data Engineering and Communications Technologies
SP - 553
EP - 565
BT - Lecture Notes on Data Engineering and Communications Technologies
PB - Springer Science and Business Media Deutschland GmbH
ER -